2 matches found
CVE-2018-6324
The CVE-2018-6324 issue affects F-Secure Radar (on-premises) prior to 2018-02-15, with an unvalidated Redirect via the ReturnUrl parameter that occurs after login. Impact described as an open redirect; user is redirected to a user-controlled destination, potentially leading to phishing or credent...
CVE-2018-6189
CVE-2018-6189 affects F-Secure Radar (on-premises) prior to 2018-02-15, enabling a cross-site scripting (XSS) vulnerability via the Tags parameter in the JSON body of an outbound request to /api/latest/vulnerabilityscans/tags/batch. The issue is described as a “suggested metadata tags for assets”...